Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The README instructs users to pass an Overleaf session cookie directly on the command line via `olcli auth --cookie "SESSION_COOKIE"` without any warning about credential sensitivity. Command-line secrets can be exposed through shell history, process listings, terminal logging, or agent telemetry, so this guidance increases the chance of credential leakage and account compromise.
